Double-entry bookkeeping records transactions as debits and credits to different entities.

"Data are a liability* is a recognition that whilst there may be a positive value to data, there is also a probabalistic negative value, especially in the event of unauthorised access or disclosure. That's not a double-entry value, where debits equal credits, it's an independent value, independent of the asset value, dependent on the nature of the data, the type of disclosure, the subject of the data, and the identity of the actor(s) who gain access to the information.

The role is the same as that of any other business liability risk. And again, is independent of the asset value.

As with other liabilities, the actual extent and probability of the liability-based cost is often unclear, and may change with time, particularly as the environment changes.